Release notes

nevisDetect 7.2402.0.4 - 21.02.2024

Changes and new features

• CHANGED: Dependencies updated.
• FIXED: PostgreSQL data types fixed

Upgrading from nevisDetect 7.2311.0.19 - 7.2402.0.4

Step 1: Installation

Install the following packages with version 7.2402.0.4 on your servers:

• nevisdetect
• nevisadapt
• nevisdetectcl

Step 2: Configuration files

No changes required.

Step 3: Database

PostgreSQL:

• The first script (V1__Initial_Schema.sql) was updated to fix type errors. Please repair your database.

Oracle / MariaDB:

• No changes required.

Step 4: Start

Start the nevisDetect components.

nevisDetect 7.2311.0.19 - 15.11.2023

Changes and new features

• NEW: PostgreSQL is now supported.
• CHANGED: JRE upgraded to Java 17.
• CHANGED: Dependencies updated.
• CHANGED: DB schemas are separated by DB type, Flyway placeholders are removed.
• FIXED: Less error logs from administrative steps.

Upgrading from nevisDetect 1.16.x - 7.2311.0.19

Step 1: Installation

Install the following packages with version 7.2311.0.19 on your servers:

• nevisdetect
• nevisadapt
• nevisdetectcl

Step 2: Configuration files

No changes required.

Step 3: Database

The common Flyway placeholders were removed and the DB schema upgrade scripts were moved to their type-specific directory:

• MariaDB: /opt/nevisdetect/persistency/flyway/mariadb/sql
• Oracle: /opt/nevisdetect/persistency/flyway/oracle/sql
• PostgreSQL: /opt/nevisdetect/persistency/flyway/postgresql/sql

The Flyway checksums for already existing databases will be outdated, they need to be repaired.

Step 4: Start

Start the nevisDetect components.

nevisDetect 1.16.1.2 - 05.09.2023

Changes and new features

• CHANGED: Several ERROR logs were replaced with DEBUG.
• FIXED: We fixed several serialization issues for the BehavioSec plugin.
• FIXED: We fixed ApproveSessionRequest to mark rmToken, clientId, loginId, extId as optional
• UPGRADED: We upgraded dependencies to remove OWASP warnings.

Upgrading from nevisDetect 1.14.x - 1.16.1.2

Step 1: Installation

Install the following packages with version 1.16.1.2 on your servers:

• nevisdetect
• nevisadapt
• nevisdetectcl

Step 2: Configuration files

No changes required.

Step 3: Database

No changes required.

Step 4: Start

Start the nevisDetect components.

nevisDetect 1.14.3.1 - 14.07.2023

Changes and new features

• FIXED: We fixed ApproveSessionRequest to mark rmToken, clientId, loginId, extId as optional

Upgrading from nevisAdapt 1.14.x - 1.14.3.1

Step 1: Installation

Stop the affected nevisAuth services. Install the following package with version 1.14.3.1 on your servers:

• nevisdetectcl

Step 2: Configuration files

No changes required.

Step 3: Database

No changes required.

Step 4: Start

Start the nevisAuth services.

nevisDetect 1.14.0.3 - 15.02.2023

Changes and new features

• FIXED: We replaced SpringFox Swagger with SpringDoc (OpenApi) due to library discontinuation.
• FIXED: We fixed parsing of autoModelDesc.

Upgrading from nevisDetect 1.13.x.x - 1.14.0.3

Step 1: Installation

Install the following packages with version 1.14.0.3 on your servers:

• nevisdetect
• nevisadapt
• nevisdetectcl

Step 2: Configuration files

No changes required.

Step 3: Database

No changes required.

Step 4: Start

Start the nevisDetect components.

nevisAdapt 1.10.1.1 - 15.02.2023

Changes and new features

• FIXED: The changes that allow loading of Oracle JDBC driver from v1.11 were applied here.

Upgrading from nevisDetect 1.10.0.* - 1.10.1.1

Step 1: Installation

Install the following packages with version 1.10.1.1 on your servers:

• nevisdetect
• nevisadapt
• nevisdetectcl

Step 2: Configuration files

env.conf:

• In case of Oracle DB: Make sure that the path configuration (-Dloader.path) for the Oracle JDBC Driver is present.
• Make sure that the JDBC driver is found at the given path.

Example:

JAVA_OPTS="-Xms256m -Xmx1024m -Dloader.path=/var/opt/nevisdetect/persistency/libs/ -Dlogging.config=/var/opt/nevisdetect/persistency/conf/logback.xml -Dspring.profiles.active=embedded_container"

Step 3: Database

No changes required.

Step 4: Start

Start the nevisDetect components.

nevisDetect 1.13.0.1 - 16.11.2022

Changes and new features

• FIXED: We fixed the nevisDetect Admin GUI opening and closing statistics with the same name together.
• FIXED: We updated the log levels of batch processing results to DEBUG.
• SECURITY: We upgraded critical vulnerable dependencies:
  • Spring Security: CVE-2022-22976, CVE-2022-22978, CVE-2022-31690, CVE-2022-31692

Upgrading from nevisDetect 1.12.x.x - 1.13.0.1

Step 1: Installation

Install the following packages with version 1.13.0.1 on your servers:

• nevisdetect
• nevisadapt
• nevisdetectcl

Step 2: Configuration files

No changes required.

Step 3: Database

No changes required.

Step 4: Start

Start the nevisDetect components.

nevisDetect 1.12.2.0 - 11.10.2022

Changes and new features

• FIXED: We fixed the nevisDetect Notes generation by removing double brackets.

Upgrading from nevisDetect 1.11.0.x - 1.12.2.0

Step 1: Installation

Install the following packages with version 1.12.1.0 on your servers:

• nevisdetect
• nevisadapt
• nevisdetectcl

Step 2: Configuration files

No changes required.

Step 3: Database

No changes required.

Step 4: Start

Start the nevisDetect components.

nevisDetect 1.12.1.0 - 31.08.2022

Changes and new features

• UPGRADE: We upgraded the dependencies.

Upgrading from nevisDetect 1.11.0.x - 1.12.1.0

Step 1: Installation

Install the following packages with version 1.12.1.0 on your servers:

• nevisdetect
• nevisadapt
• nevisdetectcl

Step 2: Configuration files

No changes required.

Step 3: Database

No changes required.

Step 4: Start

Start the nevisDetect components.

nevisDetect 1.12.0.6 - 17.08.2022

Changes and new features

• UPGRADE: We upgraded Angular to v13.3.11.
• FIXED: We fixed nevisDetect - Admin GUI issues.

Upgrading from nevisDetect 1.11.0.x - 1.12.0.6

Step 1: Installation

Install the packages with version 1.12.0.6 (nevisdetect, nevisadapt and nevisdetectcl) on the server(s).

Step 2: Configuration files

No changes required.

Step 3: Database

No changes required.

Step 4: Start

Start the nevisDetect components.

nevisDetect 1.11.0.1 - 18.05.2022

Changes and new features

• NEW: Flyway Teams Edition is supported.
• NEW: BehavioSec 5.5 is supported.
• UPGRADED: Angular is upgraded to v13.

Upgrading from nevisDetect 1.9.0.x - 1.11.0.1

Step 1: Installation

Install the packages with version 1.11.0.1 (nevisdetect, nevisadapt and nevisdetectcl) on the server(s).

Step 2: Configuration filesNo changes required.

Step 3: Database

No changes required.

Step 4: Start

Start the nevisDetect components.

nevisDetect 1.10.0.3 - 16.02.2022

Changes and new features

• UPGRADED: Angular is upgraded to v13.
• UPGRADED: Spring is upgraded to v5.3.
• For changes in nevisAdapt, see nevisAdapt 1.10.0.3 - 16.02.2022.

Upgrading from nevisDetect 1.9.0.x - 1.10.0.3

Step 1: Installation

Install the packages with version 1.10.0.3 (nevisdetect, nevisadapt and nevisdetectcl) on the server(s).

Step 2: Configuration files

No changes required.

Step 3: Database

No changes required.

Step 4: Start

Start the nevisDetect components.

nevisDetect 1.9.0.4 - 17.11.2021

Changes and new features

• IMPROVEMENT: The health indicators from now on are also checking if the database version is correct.

nevisAdapt

For changes in nevisAdapt, see nevisAdapt 1.9.0.4 - 17.11.2021.Upgrading from nevisDetect 1.8.0.x - 1.9.0.4

Step 1: Installation

Install the packages with version 1.9.0.4 (nevisdetect, nevisadapt and nevisdetectcl) on the server(s).

Step 2: Configuration filesNo changes required.

Step 3: Database

No changes required.

Step 4: Start

Start the nevisDetect components.

nevisDetect 1.8.0.4 - 18.08.2021

Changes and new features

• NEW: You can now whitelist users in nevisDetect. nevisDetect does not execute any actions for users on the whitelist, regardless of the calculated risk for these users.
• NEW: You can now configure the nevisAdapt plug-in in such a way, that it ignores requests with a specific HTTP method or without specific data.
• NEW: It is now possible to calculate the fingerprint hash on the backend for the nevisAdapt plug-in.
• IMPROVEMENT: The BehavioSec integration has been redesigned. nevisDetect now supports new BehavioSec fraudulent flags (and their descriptions) without the need for code changes or the installation of a new nevisDetect version.
• FIXED: A NullPointerException was thrown when you uploaded a JDBC driver in the nevisAdapt/nevisDetect Database Connector patterns. This bug is now fixed.
• FIXED: The Flyway migration did not work for some database connection URLs. This bug is now fixed.

nevisAdapt

For changes in nevisAdapt, see the nevisAdapt release notes: nevisAdapt 1.8.0.4 - 18.08.2021]".Upgrading from nevisDetect 1.0.7.x - 1.8.0.4

Step 1: Installation

Install the packages with version 1.8.0.4 (nevisdetect, nevisadapt and nevisdetectcl) on the server(s).

Step 2: Configuration filesNo changes required.

Step 3: Database

Oracle/ MySQL Execute the following command:

bash> nevisdetect-persistency migrate

Step 4: Start

Start the nevisDetect components.

Notes

• If you only use the nevisAdapt/nevisAuth direct integration, you do not have to install the nevisdetect package. In this case, you only need to install the packages nevisadapt and nevisdetectcl (which contains the AuthStates for both nevisAdapt and nevisDetect).

nevisDetect 1.7.0.5 - 19.05.2021

Changes and new features

• NEW: Experimental Docker images for the nevisDetect components are now available.
• CHANGED: We have improved the following elements of the nevisAdapt plug-in:
• FIXED: There were issues with the new version of the BehavioSec plug-in. These are now fixed.

nevisAdapt

For changes in nevisAdapt, see the nevisAdapt release notes: nevisAdapt 1.7.0.5 - 19.05.2021]"Upgrading from nevisDetect 1.0.6.x - 1.7.0.5

Step 1: Installation

Install the packages with version 1.7.0.5 (nevisdetect, nevisadapt and nevisdetectcl) on the server(s).

Step 2: Configuration filesNo changes required.

Step 3: DatabaseNo changes required.

Step 4: Start

Start the nevisDetect components.

Notes

• If you only use the nevisAdapt/nevisAuth direct integration, you do not have to install the nevisdetect package. In this case, you only need to install the packages nevisadapt and nevisdetectcl (which contains the AuthStates for both nevisAdapt and nevisDetect).

nevisDetect 1.0.6.6 - 17.02.2021

Changes and new features

• IMPROVEMENT: Improved the error handling and logging in the nevisDetect core in case of missing request attributes.
• FIXED: The issue where a negative risk score in the nevisAdapt plug-in could lead to validation errors in nevisDetect. The nevisAdapt plug-in now returns "0" if the risk score is negative.
• FIXED: The bug where the "Date" filter in the User Overview screen filtered from the beginning of the day (12:00 A.M.) minus the time range (instead of from the current time, as would have been correct).
• FIXED: The bug where the "Risk Score" filter in the User Overview screen did not work properly.
• UPGRADED: Support for BehavioSec has been upgraded, to version 5.3 (including the new geolocation flags).

nevisAdapt

For changes in nevisAdapt, see the nevisAdapt release notes: nevisAdapt 1.0.6.6 - 17.02.2020]".Upgrading from nevisDetect 1.0.5.x - 1.0.6.6

Step 1: Installation

Install the packages with version 1.0.6.6 (nevisdetect, nevisadapt and nevisdetectcl) on the server(s).

Step 2: Configuration filesNo changes required.

Step 3: DatabaseNo changes required.

Step 4: Start

Start the nevisDetect components.

Notes

• If you only use the nevisAdapt/nevisAuth direct integration, you do not have to install the nevisdetect package. In this case, you only need to install the packages nevisadapt and nevisdetectcl (which contains the AuthStates for both nevisAdapt and nevisDetect).

nevisDetect 1.0.5.5 - 18.11.2020

Changes and new features

• NEW: New AuthStates to integrate the nevisAdapt service during authentication are now available (nevisAuth/nevisAdapt direct integration).
• NEW: This release of nevisAdapt provides three new analyzers:
• NEW: nevisAdapt now parses and sends the device information from the User-Agent in the FingerprintModule. This includes information such as device type, operating system and browser.
• NEW: An integrated nevisIDM REST service is now available, to send notifications from the NevisAdaptAuthState on suspicious login attempts.
• NEW: As of this release, the geolocation observation is extended with the country name, city, longitude and latitude.
• NEW: In case of integration with nevisAdmin4, the fingerprint calculation is now integrated automatically into the login renderer.
• NEW: As of this release, nevisAdapt offers a verified Oracle 19c compatibility.
• CHANGED: From now on, nevisAdapt not only delivers a risk score per module, but also per analyzer.
• CHANGED: As of this release, nevisAdapt uses a Hikari connection pool instead of Tomcat. Review and adjust all your connection pool configurations, if applicable.

Upgrading from nevisDetect 1.0.4.x - 1.0.5.5

Step 1: Installation

Install the packages with version 1.0.5.5 (nevisdetect, nevisadapt and nevisdetectcl) on the server(s).

Step 2: Configuration files

The following new configurations are required in the file /var/opt/nevisadapt/conf/nevisadapt.properties:

• Set the attribute nevisadapt.ipReputationFilePath to the location of the IP reputation database file.
• Specify the thresholds/configurations for the new analyzers. For more information, see the chapter "nevisAdapt service - Description" in the nevisAdapt Reference Guide.
• Replace the attribute spring.datasource.tomcat.maxActive with the attribute spring.datasource.hikari.maximumPoolSize. Then adjust the other connection pool settings in your configuration (if you have any) for both nevisadapt and nevisdetect-persistency. Find more information here.

Step 3: Database

Oracle/ MySQL

Execute the following commands on the server where the RPM nevisadapt-1.0.5.5 is installed:

bash> /opt/nevisadapt/flyway/bin/flyway.sh migrate

Step 4: Start

Start the nevisDetect components.

Notes

• If you use the nevisAdapt/nevisAuth direct integration only, you do not need to install the nevisdetect package. In this case, you only need the packages nevisadapt and nevisdetectcl (which contains the AuthStates for both nevisAdapt and nevisDetect).

nevisDetect 1.0.4.3 - 19.08.2020

Changes and new features

General

• NEW: We now support Oracle 18c databases as well.
• IMPROVEMENT: From now on we use the same client certificate when we have more than one message bus connection configured for the nevisDetect administration component.
• IMPROVEMENT: The connection between nevisAuth and nevisDetect has been improved so nevisAuth can start even if the message bus is not running.
• FIXED: We fixed the bug where the status and health services were not available for the nevisDetect core and feature correlator components.
• FIXED: The bug where device cookies were missing from the first authentication request is now fixed.

Upgrading from nevisDetect 1.0.3.x - 1.0.4.3

Step 1: Installation

Install the packages of nevisDetect 1.0.4.3 on the server(s).

Step 2: Configuration files

No changes required.

Step 3: Database

No changes required.

Step 4: Start

Start the nevisDetect components.

nevisDetect 1.0.3.8 - 20.05.2020

Changes and new features

General

• FIXED: The bug where the risk score information of a user was not updated if the user had no risk score calculated for the last request.
• FIXED: The bug where the User overview screen was not visible in Microsoft Edge.
• FIXED: The issue related to the Flyway command line client with MariaDB. For more information, read chapter Installation of nevisDetect Persistency]" in the nevisDetect Reference Guide.
• DEPRECATED: The Oracle JDBC driver is no longer part of the packages. If you use the Oracle database, copy the driver to the /var/opt/nevisdetect/persistency/libs and /var/opt/nevisadapt/libs directories.

Upgrading from nevisDetect 1.0.2.x - 1.0.3.8

Step 1: Installation

Install the packages of nevisDetect 1.0.3.8 on the server(s).

Step 2: Configuration files

No changes required.

Step 3: Database

No changes required.

Step 4: Start

Start the nevisDetect components.

nevisDetect 1.0.2.267 - 19.02.2020

Changes and new features

General

• NEW: This release includes a new RPM package called nevisdetect. The new package contains all the nevisDetect components admin, core, entrypoint, and persistency, plus the new component nevisdetect-mq. The new nevisdetect-mq component can be used as a message bus.
• CHANGED: The nevisdetect-authstate package has a new name: nevisdetectcl.
• CHANGED: From now on, the BehavioSec plug-in supports BehavioSec 5.1 and 5.2 features.
• CHANGED: The SecureTokenAuthenticationProvider now supports PKCS #12 keystores.
• CHANGED: The role-to-permission reader is now whitespace-tolerant.
• FIXED: The bug that caused an IndexOutOfBoundsException to occur in the RiskPluginLoader.
• UPGRADED: Spring, from version 4.3 to version 5.2.
• DEPRECATED: The new package structure only supports RHEL7. Support for RHEL6 is deprecated.

The previous version of nevisDetect, which consisted of one RPM per component, still supports RHEL6 and is still available.

Upgrading from nevisDetect 1.0.1.x - 1.0.2.267

Step 1: Installation

Install the packages of nevisDetect 1.0.2.267 on the server(s).

Step 2: Configuration files

• The new configuration attribute sectoken.trustStorePasswordis required to set the password for the SecToken truststore in all components with REST API (admin, persistency, and nevisadapt).

Step 3: Database

No changes required.

Step 4: Start

Start the nevisDetect components.

nevisDetect 1.0.1.243 - 07.11.2019

Changes and new features

Persistency (nevisdetect-persistency-1.0.1.243.rpm)

• IMPROVEMENT: Persisting the various risk scores has been improved.

Upgrading from nevisDetect 0.7.0.1 - 1.0.0.179

Step 1: Installation

Install the packages of nevisDetect 1.0.1.0 on the server(s).

Step 2: Configuration files

No changes required.

Step 3: Database

Oracle/ MySQL

Execute the following commands on the server where the RPM nevisdetect-persistency-1.0.1.0 is installed:

bash> /opt/nevisdetect/persistency/flyway/bin/flyway.sh migrate

Step 4: Start

Start the nevisDetect components.